Business Continuity and Disaster Recovery Planning for IT Professionals, 2nd Edition

Book Description

Powerful Earthquake Triggers Tsunami in Pacific. Hurricane Isaac Makes Landfall in the Gulf Coast. Wildfires Burn Hundreds of Houses and Businesses in Colorado. Tornado Touches Down in Missouri. These headlines not only have caught the attention of people around the world, they have had a significant effect on IT professionals as well. The new 2nd Edition of Business Continuity and Disaster Recovery for IT Professionals gives you the most up-to-date planning and risk management techniques for business continuity and disaster recovery (BCDR). With distributed networks, increasing demands for confidentiality, integrity and availability of data, and the widespread risks to the security of personal, confidential and sensitive data, no organization can afford to ignore the need for disaster planning.

Author Susan Snedaker shares her expertise with you, including the most current options for disaster recovery and communication, BCDR for mobile devices, and the latest infrastructure considerations including cloud, virtualization, clustering, and more. Snedaker also provides you with new case studies in several business areas, along with a review of high availability and information security in healthcare IT.

Don’t be caught off guard: Business Continuity and Disaster Recovery for IT Professionals, 2nd Edition, is required reading for anyone in the IT field charged with keeping information secure and systems up and running.



  • Complete coverage of the 3 categories of disaster: natural hazards, human-caused hazards, and accidental / technical hazards
  • Extensive disaster planning and readiness checklists for IT infrastructure, enterprise applications, servers and desktops
  • Clear guidance on developing alternate work and computing sites and emergency facilities
  • Actionable advice on emergency readiness and response
  • Up-to-date information on the legal implications of data loss following a security breach or disaster

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Acknowledgments
  6. About the Authors
  7. Introduction
  8. Chapter 1. Business Continuity and Disaster Recovery Overview
    1. Abstract
    2. In this chapter
    3. Introduction
    4. Business continuity and disaster recovery defined
    5. Components of business
    6. The cost of planning versus the cost of failure
    7. Types of disasters to consider
    8. Business continuity and disaster recovery planning basics
    9. Summary
    10. Key concepts
    11. References
  9. Chapter 2. Legal and Regulatory Obligations Regarding Data and Information Security
    1. Abstract
    2. In this chapter
    3. Introduction
    4. Impact of recent history
    5. Current regulatory environment
    6. Information security management
    7. Did you know?
    8. Summary
    9. Key concepts
    10. References
  10. Case Study: Legal Obligations Regarding Data Security
    1. Abstract
    2. In this chapter
    3. Contributor profile
    4. Background
    5. The Sony PlayStation incident
    6. State laws regarding data security
    7. Federal laws regarding data security
    8. Conclusion
    9. References
  11. Chapter 3. Project Initiation
    1. Abstract
    2. In this chapter
    3. Introduction
    4. Elements of project success
    5. Project plan components
    6. Project organization
    7. Project planning
    8. Project implementation
    9. Project tracking
    10. Project close out
    11. Key contributors and responsibilities
    12. Project definition
    13. Business requirements
    14. Functional requirements
    15. Technical requirements
    16. Business continuity and disaster recovery project plan
    17. Summary
    18. References
  12. Business Continuity and Disaster Recovery in Energy/Utilities
    1. Abstract
    2. In this chapter
    3. Introduction
    4. Integrating BC/DR requirements into IT governance
    5. Improving BC/DR recovery and risk mitigation strategies
    6. Improving BC/DR testing
    7. Summary of best practices and key concepts
    8. References
  13. Chapter 4. Risk Assessment
    1. Abstract
    2. In this chapter
    3. Introduction
    4. Risk management basics
    5. People, process, technology, and infrastructure in risk management
    6. IT-Specific risk management
    7. Risk assessment components
    8. Threat assessment methodology
    9. Vulnerability assessment
    10. Summary
    11. References
  14. Chapter 5. Business Impact Analysis
    1. Abstract
    2. In this chapter
    3. Introduction
    4. Business impact analysis overview
    5. Understanding impact criticality
    6. Identifying business functions
    7. Gathering data for the business impact analysis
    8. Determining the impact
    9. Business impact analysis data points
    10. Preparing the business impact analysis report
    11. Summary
    12. References
  15. Business Continuity and Disaster Recovery in Healthcare
    1. Abstract
    2. In this chapter
    3. Introduction to healthcare IT
    4. Regulatory environment
    5. Healthcare IT risk management
    6. Technical needs—Healthcare IT architecture
    7. Healthcare operational needs
    8. Interoperability among disparate systems
    9. Current environment and new technology
    10. Healthcare IT BC/DR best practices
    11. Summary
    12. References
  16. Chapter 6. Risk Mitigation Strategy Development
    1. Abstract
    2. In this chapter
    3. Introduction
    4. Types of risk mitigation strategies
    5. The risk mitigation process
    6. Developing your risk mitigation strategy
    7. People, buildings, and infrastructure
    8. IT risk mitigation
    9. Backup and recovery considerations
    10. Summary
    11. References
  17. Chapter 7. Business Continuity/Disaster Recovery Plan Development
    1. Abstract
    2. In this chapter
    3. Introduction
    4. Implement risk mitigation strategies
    5. Phases of business continuity and disaster
    6. Defining BC/DR teams and key personnel
    7. Defining tasks and assigning resources
    8. Communications plans
    9. Event logs, change control, and appendices
    10. What’s next
    11. Summary
    12. References
  18. Business Continuity and Disaster Recovery in Financial Services
    1. Abstract
    2. In this chapter
    3. Overview
    4. Finance industry regulation overview
    5. Finance industry requirements for business continuity
    6. Industry impact—September 11 attacks
    7. Industry impact—Hurricane Sandy
    8. Industry impact—Cyber threats
    9. Looking forward
    10. Summary
    11. References
  19. Chapter 8. Emergency Response and Recovery
    1. Abstract
    2. In this chapter
    3. Introduction
    4. Emergency management overview
    5. Emergency response plans
    6. Emergency response teams
    7. Crisis management team
    8. Disaster recovery
    9. Business continuity
    10. Summary
    11. References
  20. Business Continuity and Disaster Recovery for Small- and Medium-Sized Businesses
    1. Abstract
    2. In this chapter
    3. Overview of SMB disaster recovery
    4. SMB disaster preparedness: Survey results
    5. On-Premise disaster recovery
    6. Using a Co-location data center for disaster recovery
    7. Disaster recovery in the cloud
    8. Summary
    9. References
  21. Chapter 9. Training, Testing, and Auditing
    1. Abstract
    2. In this chapter
    3. Introduction
    4. Training for disaster recovery and business continuity
    5. Training and testing for your business continuity and disaster recovery plan
    6. Testing the BC/DR plan
    7. Performing IT systems and security audits
    8. IT systems and security audits
    9. Summary
    10. References
  22. Chapter 10. BC/DR Plan Maintenance
    1. Abstract
    2. In this chapter
    3. Introduction
    4. BC/DR plan change management
    5. BC/DR plan audit
    6. Plan maintenance activities
    7. Project close out
    8. Summary
    9. Key concepts
  23. Appendix A. Risk Management Checklist
    1. Risk assessment
    2. Mitigation strategies
  24. Appendix B. Crisis Communications Checklist
    1. Communication checklist
    2. Message content
  25. Appendix C. Emergency Response and Recovery Checklists
    1. High-level checklist
    2. Activation checklists
    3. Emergency response checklists
    4. Recovery checklists
  26. Appendix D. Business Continuity Checklist
    1. Resuming work
    2. Manufacturing, warehouse, production, and operations
    3. Resuming normal operations
    4. Transition to normalized activities
  27. Appendix E. IT Recovery Checklists
    1. IT recovery checklist one: Infrastructure
    2. Recovery checklist three: Office area and end-user recovery
    3. Recovery checklist four: Business process recovery
    4. Recovery checklist five: Manufacturing, production, and operations recovery
  28. Appendix F. Training, Testing, and Auditing Checklists
    1. Training and testing
    2. IT auditing
  29. Appendix G. BC/DR Plan Maintenance Checklist
    1. Change management
  30. Glossary of Terms
  31. Index